<?php
require_once('App-Top.php');
require_once('Cookie-Handler.php'); //// Only Activate in UNProtected Area
////require_once('Authorizer.php'); //// Only Activate in Protected Area
require_once('FEFunctions.php');
//// ForgotPassw.php
//// This is the Recover Password Interface for the WOG site.
//// Set Page Title
$page_title = 'Forgot Password -  Whiff Of Grape';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title><?php echo $page_title; ?></title>
        <style type="text/css" media="screen">@import url(style.css);</style>
    </head>

    <body>
        <div id="bigWrapper">

            <div id="wrapper">

                <div id="header">
                </div>

                <div id="sidebar">

                <?php
                require_once('MenuLeft.php');
                ?>

                </div>

                <!-- End of Header & Start Content -->

                <div id="body">

                    <div id="entryTitlePage"><?php echo $page_title; ?></div>

                    <!-- TODO: CSS Passw Form class="???" -->
                    <form id="recoverPassw" name="recoverPassw" method="POST" action="ForgotPassw.php" class="frontEnd01">
                        <fieldset>

                            <legend>Send new password to my Email</legend>

                            <ul>

                                <li>
                                    <label title="Email" for="email">Email</label>
                                    <input name="email" type="text" id="email"  size="30" maxlength="40" value="<?php if (isset($_POST['email'])) { echo $_POST['email']; } ?>" />
                                </li>

                            </ul>

                            <input class="ButtonSubmit" type="submit" name="SubmitResetPassw" value="Reset My Password" />
 
                            <input type="hidden" name="SentResetPassw" value="TRUE" />
                        </fieldset>
                    </form>


                <?php

                    //// Form was Submitted
                    if (isset($_POST['SentResetPassw']))
                    {
                        require_once(MYSQL);
                        require_once(STATEM_MYSQL);
                        require_once('FEFunctions.php');

                        $emailReset = heal($_POST['email']);
                        $emailReset = clean($emailReset, $dbc);
                        
                        //// Validate Email
                        if (isValid('email', $emailReset))
                        {
                            //// Check for the existence of that email address
                            $q = sprintf($Q_User_Email_ResetPassw, $emailReset);
                            $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

                            if (mysqli_num_rows($r) == 1)
                            {
                                // Create a new, random password:
                                $p = substr(md5(uniqid(rand(), true)), 3, 10);

                                // Update the database
                                $q = sprintf($U_None_Email_ResetPassw, $p, $emailReset);
                                $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

                                if (mysqli_affected_rows($dbc) == 1)
                                {
                                    //// One row changed. Then Send an email
                                    $body = "Your password to log into www.whiff.bc.ca has been temporarily changed to '$p' (without the ''). Please log in using this Password and this Username '$emailReset'. Then you may change your password to something more familiar.";
                                    mail($emailReset, 'Your Temporary Password - Whiff of Grape', $body, 'From: ' . EMAIL);

                                    //// Inform user of email

                                    echo "<p class='entrybodybold'>Dear Member,</p>";
                                    echo "<br />";
                                    echo "<p class='entrybody'>Your password has been changed. You will receive the new temporary password at the email address provided. Once you have logged in with this password, you may change it by clicking on Change Password.</p>";

                                } 
                                else
                                {
                                    //// If there was an issue
                                    echo '<p class="error">Your password could not be changed. We apologize for any inconvenience. Please try again later.</p>';
                                }
                            } 
                            else
                            {
                                //// No database match made.
                                echo '<p class="error">The submitted email address does not match those on file or it belongs to an inactive member!</p>';
                            }
                        } 
                        else
                        {
                            //// No email!
                            echo '<p class="error">You forgot to enter your email address or the email address is incorrect!</p>';
                        }
                        mysqli_close($dbc);
                    }
                ?>
                
                </div> <!-- Closes body -->
                <!-- End of Content & Start Footer -->

                    <div id="footer">

                    <?php
                    //// Includer Footer
                    include ('footer.php');
                    ?>

                    </div>

                </div> <!-- Closes Wrapper -->
            </div> <!-- Closes bigWrapper -->
        </body>
    </html>
<?php
require_once('App-End.php');
?>

<!-- Designed & Developed By Jose Trujillo (2011) -->